Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/RY0bArq-jZLzZUGQCt7VtVQ1eP8.roa
File: RY0bArq-jZLzZUGQCt7VtVQ1eP8.roa (raw, json)
Hash identifier: nOIDnyfWMWKkEgKPjDc9li7leEEkKMO7ZYw+RINdMRI=
Subject key identifier: 45:8D:1B:02:BA:BE:8D:92:F3:65:41:90:0A:DE:D5:B5:54:35:78:FF
Certificate issuer: /CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Certificate serial: 019C9E8AF5D9AD45725BD7B4975CE12C35DE
Authority key identifier: 91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/RY0bArq-jZLzZUGQCt7VtVQ1eP8.roa
Signing time: Fri 27 Feb 2026 10:00:32 +0000
ROA not before: Fri 27 Feb 2026 10:00:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44592
IP address blocks: 45.142.180.0/24 maxlen: 24
45.142.181.0/24 maxlen: 24
45.142.182.0/24 maxlen: 24
45.142.183.0/24 maxlen: 24
45.153.32.0/24 maxlen: 24
45.153.35.0/24 maxlen: 24
92.246.84.0/24 maxlen: 24
92.246.85.0/24 maxlen: 24
92.246.86.0/24 maxlen: 24
146.19.169.0/24 maxlen: 24
195.62.46.0/24 maxlen: 24
2a0d:c2c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9e:8a:f5:d9:ad:45:72:5b:d7:b4:97:5c:e1:2c:35:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Validity
Not Before: Feb 27 10:00:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=458d1b02babe8d92f36541900aded5b5543578ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:5d:ed:6e:3a:ae:dc:22:09:60:b8:f2:be:9c:
33:63:63:0a:23:cf:47:56:b9:01:ce:9b:50:e8:c0:
fc:71:18:b1:33:b4:a4:90:50:d6:f1:14:87:74:75:
52:f6:7e:f8:b8:f4:aa:31:89:e1:d9:d8:6b:35:29:
61:e6:58:4c:e3:1f:ed:8c:26:db:25:a9:a0:f9:0f:
12:26:b7:71:c3:18:fc:09:78:a3:98:ae:63:f3:68:
3e:04:74:77:7d:75:ff:d6:56:0b:36:f8:c2:d7:23:
4a:43:7b:5b:24:86:37:ad:3a:6b:cc:7a:7a:d1:bf:
5f:52:f6:22:c4:1b:25:47:bf:c3:1c:18:ca:70:d6:
1c:fe:e2:34:ae:31:05:b3:a4:a3:ee:1c:8b:65:1c:
06:f4:a2:ce:b0:0f:29:ff:87:2e:2a:13:47:ee:66:
65:1a:f6:bf:22:75:75:5d:6f:b9:e1:72:a4:e4:f6:
0f:60:c9:54:ac:07:5b:c9:49:19:c7:74:6d:6b:84:
c7:9d:c4:d5:39:8a:2d:cd:6f:79:af:16:58:1b:1c:
b4:22:bd:53:72:e0:97:76:5b:d7:41:0a:77:27:fc:
c0:14:3b:54:5c:dd:30:47:95:d0:6d:e9:0d:43:da:
35:44:b5:e4:a3:c8:4e:d6:df:99:8a:47:48:8e:8f:
36:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:8D:1B:02:BA:BE:8D:92:F3:65:41:90:0A:DE:D5:B5:54:35:78:FF
X509v3 Authority Key Identifier:
keyid:91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/RY0bArq-jZLzZUGQCt7VtVQ1eP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.180.0/22
45.153.32.0/24
45.153.35.0/24
92.246.84.0-92.246.86.255
146.19.169.0/24
195.62.46.0/24
IPv6:
2a0d:c2c0::/29
Signature Algorithm: sha256WithRSAEncryption
5b:0d:ae:e3:e5:1f:a1:b7:b5:67:fd:97:3d:da:fa:29:1c:95:
ac:db:05:a7:8a:d9:73:a9:f1:4e:ec:5b:0a:41:12:43:cd:cb:
99:3c:21:76:03:43:a3:3f:e1:5d:56:55:e2:08:97:4f:aa:60:
84:60:30:ab:91:d1:02:e1:b0:f3:00:0a:75:8d:a0:a9:c6:ea:
40:db:31:81:9c:2a:52:50:60:27:18:a4:d6:c9:aa:fc:6c:e3:
97:d0:c1:67:17:2b:d9:25:62:8e:1a:a3:9f:80:39:a1:df:4e:
77:6e:6c:d8:19:15:08:7c:f0:f0:7a:c2:ea:d0:bf:e1:c7:8e:
2b:23:78:90:32:73:80:6d:33:cd:18:74:90:4e:4d:3e:00:5a:
17:57:d4:0f:f5:2a:a0:eb:fb:35:ad:0d:92:8c:db:f6:11:c4:
14:76:7c:00:47:69:07:72:c3:07:cf:da:8c:01:ed:4c:5d:fc:
80:40:82:7c:d3:c6:ad:48:4d:af:c9:eb:be:aa:74:b3:c4:94:
8f:3a:99:15:2e:c0:f3:94:a4:8e:16:cd:84:17:a4:a5:3c:c5:
96:d4:ea:75:92:57:4c:1a:42:4d:0a:3d:a4:db:f3:bd:e0:d8:
3c:2a:e5:f0:24:0f:99:b8:8f:06:73:f5:e1:76:b7:00:16:75:
31:11:5b:ca
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZyeivXZrUVyW9e0l1zhLDXeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDBjNzhjMzA5YTNlOTlkYzlhYjc0ZjJjZGMwNDg0ODU5
ZTc1MzAwHhcNMjYwMjI3MTAwMDMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NThkMWIwMmJhYmU4ZDkyZjM2NTQxOTAwYWRlZDViNTU0MzU3OGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3V3tbjqu3CIJYLjyvpwzY2MKI89H
VrkBzptQ6MD8cRixM7SkkFDW8RSHdHVS9n74uPSqMYnh2dhrNSlh5lhM4x/tjCbb
Jamg+Q8SJrdxwxj8CXijmK5j82g+BHR3fXX/1lYLNvjC1yNKQ3tbJIY3rTprzHp6
0b9fUvYixBslR7/DHBjKcNYc/uI0rjEFs6Sj7hyLZRwG9KLOsA8p/4cuKhNH7mZl
Gva/InV1XW+54XKk5PYPYMlUrAdbyUkZx3Rta4THncTVOYotzW95rxZYGxy0Ir1T
cuCXdlvXQQp3J/zAFDtUXN0wR5XQbekNQ9o1RLXko8hO1t+ZikdIjo827wIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFEWNGwK6vo2S82VBkAre1bVUNXj/MB8GA1UdIwQY
MBaAFJHQx4wwmj6Z3Jq3TyzcBISFnnUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEt
NDg1MmM4ZmY4YWYyLzEvUlkwYkFycS1qWkx6WlVHUUN0N1Z0VlExZVA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEtNDg1MmM4ZmY4YWYy
LzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQCLY60AwQA
LZkgAwQALZkjMAwDBAJc9lQDBABc9lYDBACSE6kDBADDPi4wDQQCAAIwBwMFAyoN
wsAwDQYJKoZIhvcNAQELBQADggEBAFsNruPlH6G3tWf9lz3a+ikclazbBaeK2XOp
8U7sWwpBEkPNy5k8IXYDQ6M/4V1WVeIIl0+qYIRgMKuR0QLhsPMACnWNoKnG6kDb
MYGcKlJQYCcYpNbJqvxs45fQwWcXK9klYo4ao5+AOaHfTndubNgZFQh88PB6wurQ
v+HHjisjeJAyc4BtM80YdJBOTT4AWhdX1A/1KqDr+zWtDZKM2/YRxBR2fABHaQdy
wwfP2owB7Uxd/IBAgnzTxq1ITa/J676qdLPElI86mRUuwPOUpI4WzYQXpKU8xZbU
6nWSV0waQk0KPaTb873g2Dwq5fAkD5m4jwZz9eF2twAWdTERW8o=
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:29:20 2026 by rpki-client